Cryptology ePrint Archive: Report 2007/417

Algorithms and Arithmetic Operators for Computing the $\eta_T$ Pairing in Characteristic Three

Jean-Luc Beuchat and Nicolas Brisebarre and Jérémie Detrey and Eiji Okamoto and Masaaki Shirase and Tsuyoshi Takagi

Abstract: Since their introduction in constructive cryptographic applications, pairings over (hyper)elliptic curves are at the heart of an ever increasing number of protocols. Software implementations being rather slow, the study of hardware architectures became an active research area.

In this paper, we discuss several algorithms to compute the $\eta_T$ pairing in characteristic three and suggest further improvements. These algorithms involve addition, multiplication, cubing, inversion, and sometimes cube root extraction over $\mathbb{F}_{3^m}$. We propose a hardware accelerator based on a unified arithmetic operator able to perform the operations required by a given algorithm. We describe the implementation of a compact coprocessor for the field $\mathbb{F}_{3^{97}}$ given by $\mathbb{F}_3[x]/(x^{97}+x^{12}+2)$, which compares favorably with other solutions described in the open literature.

Category / Keywords: implementation / $\eta_T$ pairing, finite field arithmetic, elliptic curve, hardware accelerator, FPGA

Date: received 1 Nov 2007, last revised 9 Sep 2008

Contact author: beuchat at risk tsukuba ac jp

Available format(s): PDF | BibTeX Citation

Version: 20080910:013639 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]